title 516164 Several Insecure errors when running setuid in apache error log
thanks
On Thu, Feb 19, 2009 at 05:12:30PM +0100, Olivier Berger wrote:
>
> I just upgraded one of my servers from etch to lenny and got :
> [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure
> $ENV{PATH} while running setuid at /usr/lib/sympa/bin/Conf.pm line 295, <IN>
> line 37.
> [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure EXEC
> while running setuid at /usr/lib/sympa/bin/Conf.pm line 295, <IN> line 37.
> [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure
> $ENV{PATH} while running setuid at /usr/lib/sympa/bin/Conf.pm line 295, <IN>
> line 77.
> [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure EXEC
> while running setuid at /usr/lib/sympa/bin/Conf.pm line 295, <IN> line 77.
> in the apache logs.
>
There's actually unfortunately more than these 2 :
# grep "Insecure dependency" /var/log/apache2/error.log | sed
's/.*Insecure/Insecure/g' | sed 's/, referer.*//g' | sort -u
Insecure dependency in open while running setuid at /usr/lib/sympa/bin/List.pm
line 10148.
Insecure dependency in open while running setuid at /usr/lib/sympa/bin/Lock.pm
line 203.
Hope this helps.
Regards,
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
